In the twisted realm of my life’s journey, I recently found myself forcibly unshackled from the bonds of employment. A dubious liberation, to be sure, but one that has granted me the most precious of all commodities: time. Time to descend into the cavernous depths of my lab projects, a realm where curiosity dances hand in hand with urgency.
At the core of this labyrinthine endeavor lies the vital task of nurturing my lab’s infrastructure back to robust health. My venerable virtual machine, ‘Ramon,’ has been the stalwart guardian of my digital dominion for three tumultuous years. It has hosted the chaotic symphony of my experiments, and its innards are shrouded in mystery. Vague memories of configurations past haunt my thoughts like specters in the night.
Ramon, my trusty virtual sentinel, currently bears the weight of myriad responsibilities. It is the steward of Jenkins, the maestro of home automation, and the custodian of server and network configurations and CI\CD. But it doesn’t stop there; Ramon also dons the hats of the TIG stack conductor (Telegraf, InfluxDB, Grafana), the gatekeeper of OpenVPN, the sage of HomeAssistant, the sentinel of PiHole DNS filtration, and the custodian of cron jobs that tame the DNS realms of DuckDNS and Cloudflare.
The notion of a new incarnation of Ramon has teased my thoughts for months. This time, the plan is to transmigrate all workloads to the coveted realm of Kubernetes, the orchestration maestro of the digital age. My resolve is steadfast: every flow, deployment, and installation shall be chronicled meticulously.
Yet, as I tread this path, an epiphany dawns—a realization that this Kubernetes odyssey could become a cherished feather in my cap of DEVOPS exploits. Two endeavors converging like meteors on a collision course—truly, it’s a case of “two stones with one bird.”
But, there remains one paramount decision—the flavor of Kubernetes. While OpenShift has graced my repertoire, I find myself drawn to the siren call of Rancher RKE, lured by its simplicity and flexibility.
Hardware-wise, I’ve outlined the specifications:
- CPU: 8
- RAM: 20GB
- Disk: 150GB
- OS: Ubuntu 20.04
The journey commenced within the hallowed chambers of my ESXi lab, a realm of virtuality and experimentation. Updates were administered, tools invoked, and then came the moment of RKE’s embrace—an installation as smooth as the whispering winds of a desert night.
With the Kubernetes foundation laid, it was time to summon Jenkins into this new digital realm and weave the threads of a CI/CD pipeline. Helm charts for Jenkins, procured from the hallowed vaults of ArtifactHub, were meticulously tuned to my whims. Installation proved victorious.
Yet, in the treacherous terrain of Docker within Docker, a predictable failure lurked—its name whispered in error messages: “jenkins docker: not found.” The answer was clear; a more elegant solution beckoned. After an arduous day of Helm chart battles waged in vain, a fresh decree was issued—Jenkins from the ground up.
YAML files were summoned, and within their encoded secrets lay the alchemical recipe—a Jenkins container wielding the host’s ‘docker daemon,’ the ‘Docker in Docker’ known as DIND. With the application of these cryptic scrolls, a Jenkins pod arose, born of the host’s daemon and capable of crafting Docker magic. A pipeline emerged, pulling code from GitHub, fashioning Docker marvels, and a webhook whispered its summons.
You can find the technical workflow of this process here.
With the pipeline triumphant, the old ‘Ramon’ cast its spectral gaze upon the new ‘Ramon V3.0.’ The torch of legacy must be passed. Jenkins jobs, venerable and tested, sought a new home. Among them, a revelation—a cadre of jobs entrusted to a humble Raspberry Pi agent in the lab. An opportunity presented itself—a tale to be spun, a tutorial on how to beckon a Jenkins agent onto the Raspberry Pi’s stage.
The path ahead is fraught with choices—should the OpenVPN server make the voyage, or should the uncharted waters of a ‘Zero Trust VPN’ be charted? Decisions hang in the balance.
Amidst the labyrinthine journey, the enigma of OpenVPN unfurled itself to reveal a hidden gem—the WireGuard VPN, an unexpected revelation. A siren song of swiftness and modern cryptography beckoned, and the decision was swift—WireGuard would be the chosen path, a chance to explore the cutting edge.
For the technophiles and fellow seekers of the arcane, a detailed guide awaits, a map to the secrets of WireGuard deployment.
As the new dawn breaks, ‘Ramon V2.0,’ the virtual sentinel of the past, stands on the precipice of retirement, a relic of bygone days hosted within the sanctum of ESXi.
With these tales and tribulations recounted, the journey continues, and onward I march, migrating and evolving. Cheers to the unknown, the experiments yet to unfold, and the ever-encroaching frontiers of the digital cosmos.